Use this procedure to configure secure user login authentication with either of the following authentication modes:- Local
- Local means authentication is done locally with the accounts on the ExtremeCloud IQ Controller.
- RADIUS
-
RADIUS means authentication requests are directed to a RADIUS server.
RADIUS authentication requires the configuration and use of an AAA policy. See AAA RADIUS Authentication in ExtremeCloud IQ Controller User Guide for further detail.
- Go to , then select the RADIUS tab.
The Authentication Order table lists authentication modes and the order in which they are invoked. The possible authentication modes include Local and RADIUS. Local authentication appears in the table by default, but it can be removed or re-added.
- Choose from the following actions:
- To add an authentication mode, select Add.
Note
Only one of each type of authentication mode can exist. If
Local mode appears in the table, you can add only RADIUS and, conversely, if
RADIUS appears in the table, you can add only Local.
- To change the order in which authentication modes are invoked, select a mode type in the table, then use the up and down arrow icons to move the mode to first or second place in the order.
Note
Order the modes as Local first and RADIUS second until you have tested the RADIUS authentication.
- To remove a mode type from the table, select it and then select the trash can icon.
- For RADIUS authentication mode, choose from the following actions:
- Select an existing policy from the AAA Policy drop-down list.
- Select an existing policy from the AAA Policy drop-down list. Then select
to edit the policy settings. - Select
to create a new AAA policy.
- Select Save.
- Select Test to test your server connection.
Make sure the test completes successfully.
- With the server order still Local first and RADIUS second, log in with your Active Directory user name and password. If this fails, make sure your Remote Access Policy is returning the required Service-Type of Administrative.
